Hi Nick,
Use an HMAC.
Jeff
On 6/25/09, Nick Aschberger <
nick.aschberger@...> wrote:
>
> Hi Folks,
>
> I may be missing something in my use of the SHA1 algorithm, I am
> hoping you can explain it to me.
>
> I have an unencrypted string, I make a function call like:
> my_sha1_object.calculateDigest(outputdigest, inputstring, length);
>
> No problems there, my digest is created.
>
>
> However, I am sending this information across a socket, so I'm
> thinking that anyone can snoop my unencrypted string,
> and assuming they were also using cryptopp sha algorithm, they would
> easily be able to recreate the same digest.
>
> Am I wrong in thinking this is insecure - am I thinking about this
> incorrectly?
>
> I've been wondering if there is some way to initialise the "state" of
> the sha object with our own key/values, which would be secure, and
> unrepeatable.
>
> I have looked in to the sha1.InitState function - this retrieves the
> intial state - but how do you set it?
>
> Is the "transform" function what I am after? There is no documentation/
> usage guide/examples or even comments (or my google-fu is weak!) for
> either InitState or Transform functions.
> So, what are they for, and do they do what I want?
>
> thanks!
>
>
> Nick Aschberger
>
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the "Crypto++ Users" Google Group.
To unsubscribe, send an email to
cryptopp-users-unsubscribe@....
More information about Crypto++ and this group is available at
http://www.cryptopp.com.
-~----------~----~----~----~------~----~------~--~---
